on 05-20-2008 7:23 AM
hi,
transport is done by basis guys, but sometimes when we are out of reach, and user needs the transport urgently they will want to perform the transport themselves.
i have created a role to control and avoid the user from mistakenly transporting other people's transport request (TR).
the control is mainly in the object S_CTS_ADMI, in order to only allow the user to transport their own TR, i have set below value for object S_CTS_ADMI
EPS1
IMPS
TABL
TADD
it works but still not good enough because i still haven't found any object that can control to which client they can transport. even though right now i have restricted them to only transport their own TRs, but i can't control if they transport to wrong client.
other than using transport group, any other authorisation object can achieve the same control ?
please help.
comment and advice will highly be appreciated.
regards,
kent
I don't understand why you want to do this?.... from an audit point of view this is quite a big problem as is completely disregarding segregation of duties. Basically by doing this you're allowing transports to go from one place to another one without any sort of control.
Thats my 2 cents.
Regards
Juan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hi Juan,
thanks for your 2 cents and concern.
emm ... let's not think about this issue from audit perspective, let's see it from technical perspective.
i would like to know if it is technically possible ? to confine a user to only transport its own TRs to a specific client only.
thanks.
regards,
kent
User | Count |
---|---|
78 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.